There are pros and cons to the different approaches, but one principle should trump them all: FULL DISCLOSURE.
I as a buyer (consumer) will not enter a purchase contract with...Continue Readinga seller unless the following is disclosed:
(1) for how long can I expect the seller to update the software on the IoT device? I do not need to add to the pile of cyberjunk and operating an unmaintained IoT device is a security risk. Best practice manufacturers will offer a reasonable support horizon plus open source the code so that buyers can keep maintaining the devices themselves if they so wish. I am OK with both the proprietary and the open source model, though I will prefer the open source because it gives me more control on my property.
(2) with whom is the device communicating? what does the device communicate? can communication be disabled? how long is the communicated data retained and what is done with it? I want to make a deliberate, informed decision trading off some of my privacy in exchange for the benefit provided by the device. Again, best practice manufacturers will offer opt outs and full disclosure, while others will try to monetize consumers behind their backs. Guess who will get my business?
For now, I let others buy into the IoT frenzy, until the smart manufacturer will come along, or until the industry is properly regulated.

It was Amazon's plan that woke up the public about drones. They imagined thousands of them buzzing around town, delivering packages to the special people. I'm glad that the FAA...Continue Readingthinks that a 54 pound drone falling from 499 feet is safe. No way that could go wrong.

I find it surprising that such an important subject would fail to mention the "root" of IT security and also the vulnerability exploited most often to cause the most possible...Continue Readingdamage. Privileged access accounts, used by system administrators and select others, are the way Sony & Anthem were compromised. The fact is these user accounts are the least monitored and offer "keys to the kingdom" to whomever can steal them.